Creative Community Portal Multiple SQL Injection Vulnerabilities

Creative Community Portal Multiple SQL Injection Vulnerabilities

These issues can be exploited through a web client.

The following example URIs are sufficient to demonstrate these vulnerabilities:

http://www.example.com/ArticleView.php?article_id=[SQL]
http://www.example.com/DiscView.php?mid=144&forum_id=[SQL]
http://www.example.com/Discussions.php?forum_id=[SQL]
http://www.example.com/EventView.php?event_id=[SQL]
http://www.example.com/PollResults.php?answer_id=32&AddVote=[SQL]
http://www.example.com/PollResults.php?answer_id=[SQL]
http://www.example.com/DiscReply.php?forum_id=1&mid=[SQL]